EXAM 2 VERSIONS (VERSION A AND B) COMPLETE ACCURATE
EXAM QUESTIONS WITH DETAILED VERIFIED ANSWERS (100%
CORRECT ANSWERS) /ALREADY GRADED A+.
Which practice in the Ship (A5) phase of the security development cycle uses tools to identify weaknesses in the product? - ANSWER-Vulnerability scan
Which post-release support activity should be completed when companies are joining together? - ANSWER-Security architectural reviews
Which of the Ship (A5) deliverables of the security development cycle are performed with A5 policy compliance analysis? - ANSWER-analyze activities and standards
Which business function of OpenSAMM is associated with the following core practices, verification? - ANSWER-code review
Which practice in the Ship (A5) phase of the security development cycle verifies whether the product meets security mandates? - ANSWER-A5 policy compliance analysis
Which post-release support activity defines the process to communicate, identify, and alleviate security threats? - ANSWER-PRSA1: External vulnerability disclosure response
What are two core practice areas of the OWASP Security Assurance Maturity Model (OpenSAMM)? - ANSWER-Governance, Construction
Which of the Ship (A5) deliverables of the security development cycle are performed during the A5 policy compliance analysis? - ANSWER-Analyze activities and standards
Which of the Ship (A5) deliverables of the security development cycle are performed during the code-assisted penetration testing? - ANSWER-white-box security test
Which of the Ship (A5) deliverables of the security development cycle are performed during the open-source licensing review? - ANSWER-license compliance
Which of the Ship (A5) deliverables of the security development cycle are performed during the final security review? - ANSWER-Release and ship
How can you establish your own SDL to build security into a process appropriate for your organization's needs based on agile? - ANSWER-iterative development
How can you establish your own SDL to build security into a process appropriate for your organization's needs based on DevOps? - ANSWER-continuous integration and continuous deployments
How can you establish your own SDL to build security into a process appropriate for your organization's needs based on cloud? - ANSWER-API invocation processes
How can you establish your own SDL to build security into a process appropriate for your organization's needs based on digital enterprise? - ANSWER-enables and improves business activities